Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
File:                     oYNGitFuaZjU23dpvvv6BuofE0I.mft (raw, json)
Hash identifier:          mSXnXfiSlXUkxc8tFF4HZ/q51bu71XsA6+BtQFvGxbY=
Subject key identifier:   D7:EF:B1:C4:5B:3F:23:A2:BF:93:82:97:8A:19:7B:D9:70:CB:4D:6E
Authority key identifier: A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42
Certificate issuer:       /CN=a183468ad16e6998d4db7769befbfa06ea1f1342
Certificate serial:       019770081C5238BF71CF659AADDA9B839A93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
Manifest number:          0F0C
Signing time:             Sat 14 Jun 2025 20:01:09 +0000
Manifest this update:     Sat 14 Jun 2025 20:01:09 +0000
Manifest next update:     Sun 15 Jun 2025 20:01:09 +0000
Files and hashes:         1: oYNGitFuaZjU23dpvvv6BuofE0I.crl (hash: CQCsuYba5J6oL0v98glRXugRL66oTRWg9QK10hAQle8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:08:1c:52:38:bf:71:cf:65:9a:ad:da:9b:83:9a:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a183468ad16e6998d4db7769befbfa06ea1f1342
        Validity
            Not Before: Jun 14 20:01:09 2025 GMT
            Not After : Jun 15 20:01:09 2025 GMT
        Subject: CN=d7efb1c45b3f23a2bf9382978a197bd970cb4d6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e6:8e:90:f4:22:77:2f:35:d8:7f:34:f7:29:
                    29:d0:4f:ca:d9:3a:86:eb:94:3b:ff:7b:16:ba:de:
                    79:38:22:b8:7f:3e:9d:87:1a:8f:1c:10:54:f5:f4:
                    56:f6:7e:5b:64:f6:a0:0e:f7:3f:f9:59:ba:75:ed:
                    f5:27:82:09:d9:94:4d:2c:fa:a3:1a:e9:e7:43:ff:
                    ea:4d:0b:3d:69:b3:1a:71:28:18:da:c3:4f:4a:ee:
                    9b:85:8b:d3:07:8e:08:22:94:f1:ea:9e:cc:fc:a3:
                    15:91:f8:59:f3:f9:76:cd:ab:08:d3:5d:cc:ce:6c:
                    1a:5d:c6:37:b4:5f:47:3a:20:9a:50:f1:ef:c5:0e:
                    61:9d:d7:da:65:6c:f2:0c:8a:25:04:6d:92:e3:1d:
                    44:ab:41:55:e0:db:45:0c:5b:a8:d3:b0:69:18:7f:
                    69:e9:de:48:dd:28:bf:57:34:1a:b0:b8:bc:5e:63:
                    45:79:db:cf:aa:78:d9:16:82:e3:92:8c:bb:4d:08:
                    be:75:9d:2f:7f:f7:90:45:1c:ce:0f:cc:9d:21:95:
                    5d:cf:69:f6:59:55:f3:16:30:cd:02:30:0a:e4:6c:
                    45:73:19:9e:0d:bb:4a:8f:20:78:67:f3:8e:69:ee:
                    be:fa:02:3a:fd:5f:cd:a3:82:86:17:e9:e0:b9:77:
                    7f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:EF:B1:C4:5B:3F:23:A2:BF:93:82:97:8A:19:7B:D9:70:CB:4D:6E
            X509v3 Authority Key Identifier:
                keyid:A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:45:d3:e2:da:0c:e1:01:ab:66:63:e0:a4:07:3d:13:ec:e7:
         49:8b:ab:c5:dd:db:65:ae:f3:67:b9:ab:ba:86:4d:60:06:ef:
         e2:73:ed:60:2d:20:d3:16:f0:d0:f4:35:bf:a2:90:2f:28:36:
         d6:ed:a5:fd:f9:3d:1a:ee:43:3c:b9:ef:65:16:fe:a1:ac:21:
         ec:39:f8:7a:f5:10:2e:9c:cf:68:0a:d9:79:bb:6d:81:53:af:
         1a:2d:27:a8:63:8e:c6:65:9d:aa:42:92:15:60:53:18:7c:5c:
         f0:35:4a:42:de:d7:0a:a3:27:d2:38:07:ce:88:30:b2:5c:02:
         ac:28:c5:1b:c9:8c:8c:c1:fe:db:95:0d:d5:24:00:97:b5:c6:
         7c:0c:8c:f1:b4:08:ef:3b:09:1f:df:b5:9d:3e:7f:46:b4:29:
         51:45:75:f5:2d:0e:d7:1a:93:05:4f:18:38:d1:68:c5:be:66:
         40:85:58:9e:91:c9:2a:6a:3b:0a:60:e0:30:99:58:44:6c:18:
         1e:69:a2:a0:4a:25:fb:c1:dd:bd:54:aa:56:f6:e9:59:64:ae:
         3d:86:80:20:1b:af:fe:ec:7c:07:b2:3f:09:93:50:2d:a5:f1:
         3d:10:22:54:a5:ec:a3:15:11:7b:25:0c:44:ed:a1:ca:4a:ef:
         18:b2:b0:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwCBxSOL9xz2Wardqbg5qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODM0NjhhZDE2ZTY5OThkNGRiNzc2OWJlZmJmYTA2ZWEx
ZjEzNDIwHhcNMjUwNjE0MjAwMTA5WhcNMjUwNjE1MjAwMTA5WjAzMTEwLwYDVQQD
EyhkN2VmYjFjNDViM2YyM2EyYmY5MzgyOTc4YTE5N2JkOTcwY2I0ZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+aOkPQidy812H809ykp0E/K2TqG
65Q7/3sWut55OCK4fz6dhxqPHBBU9fRW9n5bZPagDvc/+Vm6de31J4IJ2ZRNLPqj
GunnQ//qTQs9abMacSgY2sNPSu6bhYvTB44IIpTx6p7M/KMVkfhZ8/l2zasI013M
zmwaXcY3tF9HOiCaUPHvxQ5hndfaZWzyDIolBG2S4x1Eq0FV4NtFDFuo07BpGH9p
6d5I3Si/VzQasLi8XmNFedvPqnjZFoLjkoy7TQi+dZ0vf/eQRRzOD8ydIZVdz2n2
WVXzFjDNAjAK5GxFcxmeDbtKjyB4Z/OOae6++gI6/V/No4KGF+nguXd/6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfvscRbPyOiv5OCl4oZe9lwy01uMB8GA1UdIwQY
MBaAFKGDRorRbmmY1Nt3ab77+gbqHxNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2Mt
MzcxYWM3YzY1NGRhLzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2MtMzcxYWM3YzY1NGRh
LzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUXT4toM
4QGrZmPgpAc9E+znSYurxd3bZa7zZ7mruoZNYAbv4nPtYC0g0xbw0PQ1v6KQLyg2
1u2l/fk9Gu5DPLnvZRb+oawh7Dn4evUQLpzPaArZebttgVOvGi0nqGOOxmWdqkKS
FWBTGHxc8DVKQt7XCqMn0jgHzogwslwCrCjFG8mMjMH+25UN1SQAl7XGfAyM8bQI
7zsJH9+1nT5/RrQpUUV19S0O1xqTBU8YONFoxb5mQIVYnpHJKmo7CmDgMJlYRGwY
HmmioEol+8HdvVSqVvbpWWSuPYaAIBuv/ux8B7I/CZNQLaXxPRAiVKXsoxUReyUM
RO2hykrvGLKwyw==
-----END CERTIFICATE-----